ea37d91d5b1b26ef4b0a444162d0783abb5d066e0a866b9978bcd4c34983c36c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea37d91d5b1b26ef4b0a444162d0783abb5d066e0a866b9978bcd4c34983c36cN
Size

461KB
Sample

241014-vw6wlawgmg
MD5

c2e8ba55753a46ca5c1217928f31b7b0
SHA1

61ecb3be0ca962560dff0749fdca447dedfe3d95
SHA256

ea37d91d5b1b26ef4b0a444162d0783abb5d066e0a866b9978bcd4c34983c36c
SHA512

af34162a5eb794b443e1e9fca14865db3d6d304ca84b02d543ecdb6e40c8200b16f2a31867536827fa0f9cc631da71f49df589018a3f6568741d522e512707fc
SSDEEP

6144:3cxHqc8NQDVi3ULUgNQPi3UPUgNQViEUjUgN:3EWiUJ

Score

10^/10

discovery persistence

Malware Config

Targets

- Target
  
  ea37d91d5b1b26ef4b0a444162d0783abb5d066e0a866b9978bcd4c34983c36cN
- Size
  
  461KB
- MD5
  
  c2e8ba55753a46ca5c1217928f31b7b0
- SHA1
  
  61ecb3be0ca962560dff0749fdca447dedfe3d95
- SHA256
  
  ea37d91d5b1b26ef4b0a444162d0783abb5d066e0a866b9978bcd4c34983c36c
- SHA512
  
  af34162a5eb794b443e1e9fca14865db3d6d304ca84b02d543ecdb6e40c8200b16f2a31867536827fa0f9cc631da71f49df589018a3f6568741d522e512707fc
- SSDEEP
  
  6144:3cxHqc8NQDVi3ULUgNQPi3UPUgNQViEUjUgN:3EWiUJ
Score

10^/10

discovery persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence